Skip to content

Fix incorrect OpenIDConnect discovery url #3607

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Mar 7, 2024
Merged

Fix incorrect OpenIDConnect discovery url #3607

merged 2 commits into from
Mar 7, 2024

Conversation

shilpa-padgaonkar
Copy link
Contributor

Fixes #3152

@handrews handrews added security security: auth Authentication including overlap with authorization labels Feb 24, 2024
This was referenced Feb 24, 2024
Closed
Closed
@shilpa-padgaonkar
Copy link
Contributor Author

@handrews : As discussed in the last call, I have made the changes to the existing PR now.

Just to elaborate the changes again:

The original spec had this text

OAuth2's common flows (implicit, password, client credentials and authorization code) as defined in RFC6749, and OpenID Connect Discovery

The link to OpenID Connect discovery was mistakenly pointed to Oauth2 discovery specs - https://tools.ietf.org/html/draft-ietf-oauth-discovery-06.
I corrected this in my original PR to point it to OpenID Connect Discovery specs.

I later realized that the text (or reference) itself doesn't fit here, and it should rather be OpenID Connect Core (and not OpenID Connect Discovery) which would then refer to the link - https://openid.net/specs/openid-connect-core-1_0.html.

I have now made both these changes to the existing PR. Could you kindly check?

@handrews
Copy link
Member

handrews commented Mar 5, 2024

@lornajane were you the one that asked for changes here? All I remember that is that it quickly exceeded my knowledge in this area. @shilpa-padgaonkar's comment makes sense to me so my approval still stands.

@handrews handrews mentioned this pull request Mar 7, 2024
Closed
@earth2marsh earth2marsh merged commit 3e304ee into OAI:v3.0.4-dev Mar 7, 2024
@handrews handrews mentioned this pull request Apr 25, 2024
Closed
@handrews handrews added this to the v3.0.4 milestone May 17, 2024
This was referenced Jun 3, 2024
Closed
Merged
miqui added a commit that referenced this pull request Jun 6, 2024
@miqui
Merge pull request #3881 from handrews/shilpa-fix-openid-311
f9923f9 
OpenID Connect Core URL fix (3.1.1 port of #3607)
@handrews handrews mentioned this pull request Jun 8, 2024
Merged
miqui added a commit that referenced this pull request Jun 19, 2024
@miqui
Merge pull request #3891 from handrews/oidc-320
8933990 
OIDC fixes (3.2.0 port of #3607, #3718)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@earth2marsh earth2marsh earth2marsh approved these changes

@ralfhandl ralfhandl ralfhandl approved these changes

@handrews handrews handrews approved these changes

Assignees
No one assigned
Labels
security: auth Authentication including overlap with authorization security
Projects
None yet
Milestone
v3.0.4
Development

Successfully merging this pull request may close these issues.
4 participants
@shilpa-padgaonkar @handrews @earth2marsh @ralfhandl